Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

implement token for kaos init #23

Closed
jfri3d opened this issue Oct 17, 2019 · 0 comments · Fixed by #79
Closed

implement token for kaos init #23

jfri3d opened this issue Oct 17, 2019 · 0 comments · Fixed by #79
Assignees
@nithishr
Labels
feature

Comments

@jfri3d
Copy link
Contributor

jfri3d commented Oct 17, 2019
edited
Loading

What is the desired change?

Simple security for the cluster can be improved by safeguarding access with a token (placeholder implemented).

How will this change improve kaos?

Add a layer of security to ensure a cluster is not fully accessible without a token.

Any thoughts on the implementation approach?

User flow would be as follows:

  1. System Admin (or Superhero) creates backend with kaos build ...
  2. UUID is created (token) and added to backend as ENV (via terraform)
  3. UUID is written to ./kaos/config (have to think of immutability)
  4. Data Scientist requires valid UUID (token) for all requests -> additional decorator for token exists, and add header to all requests
  5. backend requires decorator for auth validity
@jfri3d jfri3d added the feature label Oct 17, 2019
@jfri3d jfri3d changed the title implement token for kaos init implement JWT token for kaos init Nov 4, 2019
@jfri3d jfri3d changed the title implement JWT token for kaos init implement token for kaos init Nov 6, 2019
nithishr added a commit that referenced this issue Nov 12, 2019
@nithishr
[#23] Adapted the terraform variables;
4795671
nithishr added a commit that referenced this issue Nov 12, 2019
@nithishr
#23 Pass the authorization token to terraform while building kaos
e660fab
@nithishr nithishr mentioned this issue Nov 12, 2019
Merged
8 tasks
aalhour added a commit that referenced this issue Dec 20, 2019
@nithishr @aalhour @DanielMorales9
K-23: API authorization (#79)
d4fc29e 
* [#23] Adapted the terraform variables;

* #23 Pass the authorization token to terraform while building kaos

* Add the decorators & headers for authorizing all requests to all backend endpoints & CLI operations

* Add authorization to backend unit tests

* Remove unused import

* Fix integration test by adding authorization

* Fix integration test by adding authorization

* Changes for new version of config file in facades

* Fix integration test (missing auth header)

* Review fixes: Change decorator name; token renaming

* Fix broken unit tests

* Test integration test

* Revert the Authorization Header back to custom Token header

* Rename the header from Token to X-Authorization-Token

* Change the X-Authorization-Header to custom X-Token header

* Add error handling to cli; Fix auth header typo

* Fix typo in Auth Exception message

* fixes

* Version updated to: 1.1.1

Co-authored-by: Ahmad Alhour <aalhour@users.noreply.github.com>
Co-authored-by: Daniel <dnlmrls9@gmail.com>
ms-shankar added a commit that referenced this issue Jan 28, 2020
@ms-shankar
write_aws_auth_config var removed to resolve aws build fails after me…
16794bd 
…rging #23
aalhour pushed a commit that referenced this issue Feb 4, 2020
@ms-shankar
K-80: tf state file handling for multiple deployments (#95)
8ac1e00 
* temp tf_state validation check removed

* [WIP k-xxx] tf state file validations

* tf_state file fixed for local, fixed bug for multiple deployments of the same kind

* build deploy style correction

* Version updated to: 1.1.4

* descriptive kaos home (fixed color scheme bug)

* Version updated to: 1.1.4

* write_aws_auth_config var removed to resolve aws build fails after merging #23

* Version updated to: 1.1.4
@aalhour aalhour mentioned this issue Oct 22, 2020
Merged
8 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@nithishr nithishr

Labels
feature
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

K-23: API authorization KI-labs/kaos
2 participants
@nithishr @jfri3d